22 matches found
EUVD-2017-18380
Malware in sbrugna...
EUVD-2020-7841
Malware in sbrugna...
EUVD-2020-23368
Malware in sbrugna...
EUVD-2020-29798
Malware in sbrugna...
EUVD-2022-44127
Malicious code in bioql PyPI...
CVE-2022-40870
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability allows attackers to execute arbitrary commands via a crafted payload injected into the Host header...
CVE-2020-15860
Parallels Remote Application Server RAS 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system through the web application, despite the affected application not being published. In addition, it wa...
CVE-2020-35710
Parallels Remote Application Server RAS 18 allows remote attackers to discover an intranet IP address because submission of the login form even with blank credentials provides this address to the attacker's client for use as a "host" value. In other words, after an attacker's web browser sent a...
CVE-2023-45894
The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques...
PT-2023-29752 · Parallels · Parallels Ras
Name of the Vulnerable Software and Affected Versions: Parallels RAS versions prior to 19.2.23975 Description: The issue allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques because the Remote Application Server in Parallels RAS does not segment...
Design/Logic Flaw
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability allows attackers to execute arbitrary commands via a crafted payload injected into the Host header...
CVE-2022-40870
The Web Client of Parallels Remote Application Server v18.0 is vulnerable to Host Header Injection attacks. This vulnerability allows attackers to execute arbitrary commands via a crafted payload injected into the Host header...
Unspecified Vulnerability in Parallels Remote Application Server
Parallels Remote Application Server RAS is an application delivery and VDI Virtual Desktop Infrastructure solution from Parallels, Inc. A security vulnerability exists in Parallels Remote Application Server RAS that originated from a vulnerability that allows a local attacker to retrieve certain...
CVE-2020-8968
CVE-2020-8968 affects Parallels Remote Application Server (RAS). A local attacker can retrieve certain profile passwords in clear text by uploading a previously stored cyphered file, compromising confidentiality (and potentially integrity/availability of user data). Exploitation is local and requ...
Parallels Remote Application Server Information Disclosure Vulnerability
Parallels Remote Application Server RAS is an application delivery and VDI Virtual Desktop Infrastructure solution from Parallels, Inc. in the United States. A security vulnerability exists in Parallels Remote Application Server that allows a remote attacker to discover an intranet IP address...
Parallels Remote Application Server (RAS) Remote Code Execution Vulnerability
Parallels Remote Application Server RAS is a comprehensive virtual application and desktop delivery solution for your employees to access and use applications and data from any device. A remote code execution vulnerability exists in Parallels Remote Application Server RAS 17.1.1. The vulnerabilit...
Remote code execution
Parallels Remote Application Server RAS 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system through the web application, despite the affected application not being published. In addition, it wa...
Parallels Remote Application Server Path Traversal Vulnerability
Parallels Remote Application Server RAS is a suite of virtual application and desktop delivery solutions from Parallels, Inc. in the United States. The solution provides remote access to virtual desktops and applications for devices on the network. A security vulnerability exists in the web...
Parallels Remote Application Server (RAS) Detection (HTTP)
HTTP based detection of Parallels Remote Application Server RAS. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-9447
In the web interface of Parallels Remote Application Server RAS 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthenticated attacker could exploit this weakness to read arbitrary...